This will allow user johnsmith to have rwx permissions to this file. The aclget displays: * * ACL_type AIXC * attributes: base permissions owner(root): rwx group(system): r-x others: r-x extended permissions enabled permit rwx u:johnsmith
How can this be setup and managed from a global location via Centrify?
Answer: The target of acledit is a file - i.e. It is updating the ACL of the named file object and requires the EDITOR environment variable to invoke.
This means it is not user-extend attribute related - but is file related. This is beyond the scope of DirectControl.
However, Group Policies are capable of being pushed out to many machines to run some command/script, but as this one requires EDITOR - meaning interaction with user is needed - there is no way to provide the needed interaction.
It may be possible to work with piped input, but this is an untested concept, and it still needs a way to get different input at different times.
As this is beyond the scope of Centrify - The above are provided as possible suggestions only.
Note: This is about pure AIX file/access permissions. In all other UNIX systems, Linux, Sun, HP, etc., there is no acledit, it is only in AIX. Everything above can be done with the UNIX command chmod, except the AIX extended attributes. Centrify has never done anything with file permissions or file attributes.